CVE-2014-0128 : SQUID-2014:1 Denial of Service in SSL-Bump http://www.squid-cache.org/Advisories/SQUID-2014_1.txt This problem occurs in SSL-Bumped traffic and most severely when using server-first bumping. It allows any client who can generate HTTPS requests to perform a denial of service attack on Squid. There are popular client software implementations which generate HTTPS requests and triggering this vulnerability during their normal activities.

Squid is an open source, full-featured and high-performance web proxy cache application that can be arranged hierarchically for an improvement in response time and a reduction in bandwidth usage.

It works by first caching frequently used websites and then reuse them to provide users with a much faster web browsing experience, as well as to reduce the costs of their expensive Internet plans.

Supports a wide range of protocols

The application supports proxying and caching of the well known HTTP/HTTPS and FTP Internet protocols, as well as other URLs. Furthermore, it supports proxying for SSL (Secure Sockets Layer), cache hierarchies, cache digests, transparent caching, extensive access controls, HTTP server acceleration, and caching of DNS (Domain Name System) lookups.

Used by many ISPs around the world

The program is mostly used by ISPs (Internet Service Providers) who want to deliver their users with ultra fast and high quality Internet connections, especially for intense web browsing sessions. It is also used by several websites to deliver rich multimedia content faster.

Being the result of many contributions by unpaid and paid volunteers, the Squid project has been successfully tested with popular GNU/Linux distributions, as well as with the Microsoft Windows operating systems.

Squid is an important project for all home Internet users, but it was extremely useful a few years ago when there weren’t so many high-speed Internet Service Providers (ISPs) out there.

Bottom line

These days, thanks to the ever-growing network technologies, one those not need to install and configure a Squid proxy cache server in order to have a faster web browsing experience. However, this doesn’t mean that it’s not useful in some third world countries where high-speed Internet connection is still available only to rich people or big companies.

Squid was reviewed by Marius Nestor, last updated on February 18th, 2015